Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9153CE9/0AB1D396F51511EB9EFE0750C4F9AE02/C564C7A6644F11EE99C05D56C4F9AE02.roa
File: C564C7A6644F11EE99C05D56C4F9AE02.roa (raw, json)
Hash identifier: 9FX/jjzdGeDve4yDRR10OrQCMvjmtpQRfoJDvFeeypk=
Subject key identifier: 77:B3:21:AF:4F:1B:A0:A7:E3:AF:F3:B5:62:C5:D1:50:DC:74:90:38
Certificate issuer: /CN=A9153CE9/serialNumber=E0996115508A3AD59915DBABCCB696DBA0B4CC72
Certificate serial: 042A
Authority key identifier: E0:99:61:15:50:8A:3A:D5:99:15:DB:AB:CC:B6:96:DB:A0:B4:CC:72
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4JlhFVCKOtWZFdurzLaW26C0zHI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9153CE9/0AB1D396F51511EB9EFE0750C4F9AE02/C564C7A6644F11EE99C05D56C4F9AE02.roa
Signing time: Fri 06 Oct 2023 13:53:47 +0000
ROA not before: Fri 06 Oct 2023 13:53:47 +0000
ROA not after: Wed 29 May 2024 00:00:00 +0000
asID: 36351
IP address blocks: 45.65.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1066 (0x42a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9153CE9/serialNumber=E0996115508A3AD59915DBABCCB696DBA0B4CC72
Validity
Not Before: Oct 6 13:53:47 2023 GMT
Not After : May 29 00:00:00 2024 GMT
Subject: CN=6520116b-21e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5d:c8:bd:4e:72:cc:74:36:f4:5d:3b:fa:90:
cf:35:25:87:ea:d3:d8:32:41:fb:52:ba:4a:74:c9:
24:e5:a8:d9:a8:fe:66:b1:c7:3c:8f:d4:6f:95:c1:
d4:19:a4:88:2d:8d:76:f2:ff:1b:10:ba:89:c2:d5:
f5:e4:c9:e4:31:7e:6c:e6:44:c5:26:bd:91:76:77:
5f:a6:82:7a:25:91:b0:11:4f:53:d0:44:b5:2a:91:
a2:7b:4c:96:f7:87:80:17:d3:8b:e8:2e:8c:8c:b9:
b7:8f:a0:f4:ee:4e:a1:2c:5c:27:9c:ce:83:5d:c0:
99:97:21:04:75:49:3c:f3:58:6b:67:38:6f:ad:45:
5c:98:2d:c6:7e:62:b0:08:05:33:83:c9:57:e3:2b:
4f:96:5b:a4:67:0b:7f:d6:1c:8d:f5:62:ef:8a:6b:
6d:07:96:32:df:bb:d1:02:a8:e6:e0:a6:a7:1f:56:
33:c0:f4:76:cc:91:ce:58:8b:3b:7e:3a:2d:da:ea:
a0:e7:a8:47:17:eb:8e:f8:74:72:8c:9c:ed:86:3d:
47:eb:e3:1d:f6:25:f9:45:b2:41:0c:b6:44:39:4c:
2b:b7:df:c7:32:a5:d5:dd:54:b1:ca:44:6a:1d:44:
84:de:be:f4:ae:16:8f:8f:7c:9a:02:3d:98:33:c0:
4a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:B3:21:AF:4F:1B:A0:A7:E3:AF:F3:B5:62:C5:D1:50:DC:74:90:38
X509v3 Authority Key Identifier:
keyid:E0:99:61:15:50:8A:3A:D5:99:15:DB:AB:CC:B6:96:DB:A0:B4:CC:72
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9153CE9/0AB1D396F51511EB9EFE0750C4F9AE02/4JlhFVCKOtWZFdurzLaW26C0zHI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4JlhFVCKOtWZFdurzLaW26C0zHI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153CE9/0AB1D396F51511EB9EFE0750C4F9AE02/C564C7A6644F11EE99C05D56C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.65.32.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:d9:ff:61:0e:f2:5a:2d:fd:2e:ae:f5:7f:f9:cc:a5:fc:dc:
b5:95:1c:8e:6e:13:7d:34:04:14:07:37:26:cd:c6:25:22:35:
ca:2e:19:e3:18:7e:0b:d0:c5:35:85:18:92:a9:ed:d7:18:dd:
97:1c:a5:43:82:fc:4f:b9:34:5b:0d:29:31:db:d0:db:92:fb:
02:77:bb:44:1c:3e:70:d4:7d:6c:a6:97:17:33:66:8c:14:fb:
a9:4d:8e:40:9d:f8:47:42:0a:ee:bb:2a:19:ac:9f:11:0c:df:
2d:5f:16:5e:e2:07:5d:88:d9:bd:20:81:05:84:3d:de:93:e7:
2d:ef:74:96:99:55:55:b4:17:15:b9:a1:03:17:5d:bc:45:5a:
6c:0b:15:fb:b3:8d:f1:4a:18:64:d6:14:f9:39:7a:14:c6:4a:
6d:25:83:43:b9:b0:3e:8c:f8:fa:27:6d:05:20:85:bd:15:3b:
65:61:17:85:ea:b2:77:68:97:98:6a:e0:37:2c:b4:71:4e:f8:
ad:80:89:9c:74:c8:bc:40:c6:a3:74:bf:c2:1b:dc:69:cc:2a:
d0:39:7e:3c:f1:04:cc:a5:b2:8b:54:75:48:e6:ac:c5:9d:95:
a0:95:00:d9:33:64:c2:e1:f9:76:d4:a5:fc:d1:42:a0:bc:f6:
0f:63:94:71
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBCowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTNDRTkxMTAvBgNVBAUTKEUwOTk2MTE1NTA4QTNBRDU5OTE1REJBQkNDQjY5NkRC
QTBCNENDNzIwHhcNMjMxMDA2MTM1MzQ3WhcNMjQwNTI5MDAwMDAwWjAYMRYwFAYD
VQQDEw02NTIwMTE2Yi0yMWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq13IvU5yzHQ29F07+pDPNSWH6tPYMkH7UrpKdMkk5ajZqP5mscc8j9RvlcHU
GaSILY128v8bELqJwtX15MnkMX5s5kTFJr2RdndfpoJ6JZGwEU9T0ES1KpGie0yW
94eAF9OL6C6MjLm3j6D07k6hLFwnnM6DXcCZlyEEdUk881hrZzhvrUVcmC3GfmKw
CAUzg8lX4ytPllukZwt/1hyN9WLvimttB5Yy37vRAqjm4KanH1YzwPR2zJHOWIs7
fjot2uqg56hHF+uO+HRyjJzthj1H6+Md9iX5RbJBDLZEOUwrt9/HMqXV3VSxykRq
HUSE3r70rhaPj3yaAj2YM8BKkwIDAQABo4IClTCCApEwHQYDVR0OBBYEFHezIa9P
G6Cn46/ztWLF0VDcdJA4MB8GA1UdIwQYMBaAFOCZYRVQijrVmRXbq8y2ltugtMxy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1M0NFOS8wQUIxRDM5NkY1
MTUxMUVCOUVGRTA3NTBDNEY5QUUwMi80SmxoRlZDS090V1pGZHVyekxhVzI2QzB6
SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzRKbGhGVkNLT3RXWkZkdXJ6TGFXMjZDMHpISS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTNDRTkvMEFCMUQzOTZGNTE1MTFFQjlFRkUwNzUwQzRGOUFFMDIvQzU2NEM3QTY2
NDRGMTFFRTk5QzA1RDU2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAItQSAwDQYJKoZIhvcNAQELBQADggEBAE7Z/2EO8lot/S6u
9X/5zKX83LWVHI5uE300BBQHNybNxiUiNcouGeMYfgvQxTWFGJKp7dcY3ZccpUOC
/E+5NFsNKTHb0NuS+wJ3u0QcPnDUfWymlxczZowU+6lNjkCd+EdCCu67KhmsnxEM
3y1fFl7iB12I2b0ggQWEPd6T5y3vdJaZVVW0FxW5oQMXXbxFWmwLFfuzjfFKGGTW
FPk5ehTGSm0lg0O5sD6M+PonbQUghb0VO2VhF4Xqsndol5hq4DcstHFO+K2AiZx0
yLxAxqN0v8Ib3GnMKtA5fjzxBMylsotUdUjmrMWdlaCVANkzZMLh+XbUpfzRQqC8
9g9jlHE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:06 2024 by rpki-client on console-ams.rpki-client.org